
Virus Infection


16 replies to this topic

#1 captainmeow


Posted 30 August 2012 - 12:54 PM

My computer recently fell victim to a virus that locked it and demanded money under the guise of copyright infringement detection. I knew this was a virus and instantly rebooted my PC, opened Task Manager and looked for any suspect processes. I found one called xsecva.exe and killed it. I then ran Malwarebytes to be sure and removed any remaining infection; however, my browser would continue to redirect me to sites selling bogus antivirus software. I rebooted my computer and scanned again, only to find that all the removed files had returned, so I fear that this may be a rootkit.

Could anyone here please help me?



#2 narenxp


Posted 30 August 2012 - 12:55 PM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 captainmeow


Posted 30 August 2012 - 03:07 PM

TDSS log:

19:05:49.0258 3020 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:05:49.0259 3020 Npfs - ok
19:05:49.0274 3020 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
19:05:49.0275 3020 nsi - ok
19:05:49.0291 3020 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:05:49.0291 3020 nsiproxy - ok
19:05:49.0365 3020 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:05:49.0382 3020 Ntfs - ok
19:05:49.0407 3020 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
19:05:49.0408 3020 Null - ok
19:05:49.0441 3020 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
19:05:49.0446 3020 NVENETFD - ok
19:05:49.0488 3020 [ 956A1F47826514C1EA0C295FE13C7377 ] NVNET C:\Windows\system32\DRIVERS\nvmf6264.sys
19:05:49.0493 3020 NVNET - ok
19:05:49.0542 3020 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:05:49.0544 3020 nvraid - ok
19:05:49.0575 3020 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:05:49.0577 3020 nvstor - ok
19:05:49.0603 3020 [ 662A129CEBB4C0B01F95612A7F6DCC9A ] nvstor64 C:\Windows\system32\DRIVERS\nvstor64.sys
19:05:49.0605 3020 nvstor64 - ok
19:05:49.0620 3020 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:05:49.0622 3020 nv_agp - ok
19:05:49.0646 3020 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:05:49.0647 3020 ohci1394 - ok
19:05:49.0705 3020 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:05:49.0713 3020 p2pimsvc - ok
19:05:49.0775 3020 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
19:05:49.0787 3020 p2psvc - ok
19:05:49.0832 3020 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
19:05:49.0834 3020 Parport - ok
19:05:49.0873 3020 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:05:49.0875 3020 partmgr - ok
19:05:49.0900 3020 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:05:49.0906 3020 PcaSvc - ok
19:05:49.0933 3020 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
19:05:49.0936 3020 pci - ok
19:05:49.0948 3020 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
19:05:49.0949 3020 pciide - ok
19:05:49.0962 3020 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
19:05:49.0965 3020 pcmcia - ok
19:05:49.0984 3020 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
19:05:49.0986 3020 pcw - ok
19:05:50.0006 3020 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:05:50.0012 3020 PEAUTH - ok
19:05:50.0091 3020 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:05:50.0094 3020 PerfHost - ok
19:05:50.0154 3020 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
19:05:50.0169 3020 pla - ok
19:05:50.0230 3020 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:05:50.0235 3020 PlugPlay - ok
19:05:50.0271 3020 PnkBstrA - ok
19:05:50.0292 3020 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:05:50.0296 3020 PNRPAutoReg - ok
19:05:50.0313 3020 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:05:50.0316 3020 PNRPsvc - ok
19:05:50.0346 3020 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:05:50.0352 3020 PolicyAgent - ok
19:05:50.0383 3020 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
19:05:50.0386 3020 Power - ok
19:05:50.0411 3020 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:05:50.0413 3020 PptpMiniport - ok
19:05:50.0433 3020 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
19:05:50.0434 3020 Processor - ok
19:05:50.0468 3020 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
19:05:50.0472 3020 ProfSvc - ok
19:05:50.0492 3020 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:05:50.0495 3020 ProtectedStorage - ok
19:05:50.0518 3020 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:05:50.0520 3020 Psched - ok
19:05:50.0568 3020 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
19:05:50.0583 3020 ql2300 - ok
19:05:50.0608 3020 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
19:05:50.0610 3020 ql40xx - ok
19:05:50.0633 3020 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
19:05:50.0637 3020 QWAVE - ok
19:05:50.0656 3020 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:05:50.0656 3020 QWAVEdrv - ok
19:05:50.0670 3020 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:05:50.0671 3020 RasAcd - ok
19:05:50.0719 3020 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:05:50.0726 3020 RasAgileVpn - ok
19:05:50.0774 3020 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
19:05:50.0779 3020 RasAuto - ok
19:05:50.0825 3020 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:05:50.0828 3020 Rasl2tp - ok
19:05:50.0871 3020 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
19:05:50.0880 3020 RasMan - ok
19:05:50.0901 3020 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:05:50.0904 3020 RasPppoe - ok
19:05:50.0927 3020 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:05:50.0929 3020 RasSstp - ok
19:05:50.0948 3020 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:05:50.0952 3020 rdbss - ok
19:05:50.0966 3020 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
19:05:50.0967 3020 rdpbus - ok
19:05:50.0981 3020 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:05:50.0982 3020 RDPCDD - ok
19:05:51.0025 3020 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:05:51.0025 3020 RDPENCDD - ok
19:05:51.0034 3020 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:05:51.0034 3020 RDPREFMP - ok
19:05:51.0072 3020 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:05:51.0075 3020 RDPWD - ok
19:05:51.0108 3020 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:05:51.0114 3020 rdyboost - ok
19:05:51.0154 3020 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:05:51.0157 3020 RemoteAccess - ok
19:05:51.0183 3020 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:05:51.0186 3020 RemoteRegistry - ok
19:05:51.0198 3020 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:05:51.0200 3020 RpcEptMapper - ok
19:05:51.0221 3020 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
19:05:51.0223 3020 RpcLocator - ok
19:05:51.0259 3020 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
19:05:51.0262 3020 RpcSs - ok
19:05:51.0288 3020 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:05:51.0289 3020 rspndr - ok
19:05:51.0340 3020 [ 60EB8A87357CA5B088B422D1E55A2405 ] rt61x64 C:\Windows\system32\DRIVERS\netr6164.sys
19:05:51.0344 3020 rt61x64 - ok
19:05:51.0365 3020 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
19:05:51.0368 3020 SamSs - ok
19:05:51.0389 3020 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:05:51.0391 3020 sbp2port - ok
19:05:51.0418 3020 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:05:51.0422 3020 SCardSvr - ok
19:05:51.0444 3020 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:05:51.0445 3020 scfilter - ok
19:05:51.0482 3020 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
19:05:51.0496 3020 Schedule - ok
19:05:51.0513 3020 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:05:51.0514 3020 SCPolicySvc - ok
19:05:51.0541 3020 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:05:51.0543 3020 SDRSVC - ok
19:05:51.0565 3020 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:05:51.0566 3020 secdrv - ok
19:05:51.0588 3020 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
19:05:51.0590 3020 seclogon - ok
19:05:51.0605 3020 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
19:05:51.0607 3020 SENS - ok
19:05:51.0629 3020 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:05:51.0633 3020 SensrSvc - ok
19:05:51.0709 3020 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:05:51.0711 3020 Serenum - ok
19:05:51.0735 3020 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:05:51.0739 3020 Serial - ok
19:05:51.0761 3020 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
19:05:51.0763 3020 sermouse - ok
19:05:51.0801 3020 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
19:05:51.0804 3020 SessionEnv - ok
19:05:51.0835 3020 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:05:51.0836 3020 sffdisk - ok
19:05:51.0841 3020 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:05:51.0842 3020 sffp_mmc - ok
19:05:51.0848 3020 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:05:51.0849 3020 sffp_sd - ok
19:05:51.0854 3020 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
19:05:51.0855 3020 sfloppy - ok
19:05:51.0882 3020 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:05:51.0886 3020 ShellHWDetection - ok
19:05:51.0926 3020 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
19:05:51.0927 3020 SiSRaid2 - ok
19:05:51.0939 3020 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
19:05:51.0940 3020 SiSRaid4 - ok
19:05:52.0035 3020 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
19:05:52.0039 3020 SkypeUpdate - ok
19:05:52.0072 3020 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:05:52.0075 3020 Smb - ok
19:05:52.0126 3020 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:05:52.0128 3020 SNMPTRAP - ok
19:05:52.0160 3020 [ FFC5F7ED77AA59AA0A6B70F3D7A22A93 ] Sound Blaster X-Fi MB Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
19:05:52.0162 3020 Sound Blaster X-Fi MB Licensing Service - ok
19:05:52.0185 3020 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
19:05:52.0186 3020 spldr - ok
19:05:52.0227 3020 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
19:05:52.0233 3020 Spooler - ok
19:05:52.0335 3020 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
19:05:52.0408 3020 sppsvc - ok
19:05:52.0426 3020 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:05:52.0428 3020 sppuinotify - ok
19:05:52.0470 3020 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
19:05:52.0476 3020 srv - ok
19:05:52.0499 3020 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:05:52.0503 3020 srv2 - ok
19:05:52.0540 3020 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:05:52.0542 3020 srvnet - ok
19:05:52.0571 3020 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:05:52.0577 3020 SSDPSRV - ok
19:05:52.0595 3020 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:05:52.0598 3020 SstpSvc - ok
19:05:52.0619 3020 Steam Client Service - ok
19:05:52.0641 3020 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
19:05:52.0642 3020 stexstor - ok
19:05:52.0701 3020 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
19:05:52.0708 3020 stisvc - ok
19:05:52.0738 3020 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
19:05:52.0739 3020 swenum - ok
19:05:52.0777 3020 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
19:05:52.0785 3020 swprv - ok
19:05:52.0819 3020 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
19:05:52.0838 3020 SysMain - ok
19:05:52.0866 3020 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:05:52.0868 3020 TabletInputService - ok
19:05:52.0882 3020 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:05:52.0886 3020 TapiSrv - ok
19:05:52.0900 3020 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
19:05:52.0902 3020 TBS - ok
19:05:52.0976 3020 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:05:53.0002 3020 Tcpip - ok
19:05:53.0055 3020 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:05:53.0068 3020 TCPIP6 - ok
19:05:53.0096 3020 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:05:53.0098 3020 tcpipreg - ok
19:05:53.0122 3020 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:05:53.0123 3020 TDPIPE - ok
19:05:53.0157 3020 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:05:53.0158 3020 TDTCP - ok
19:05:53.0183 3020 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:05:53.0185 3020 tdx - ok
19:05:53.0203 3020 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
19:05:53.0204 3020 TermDD - ok
19:05:53.0233 3020 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
19:05:53.0241 3020 TermService - ok
19:05:53.0250 3020 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
19:05:53.0251 3020 Themes - ok
19:05:53.0264 3020 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
19:05:53.0265 3020 THREADORDER - ok
19:05:53.0286 3020 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
19:05:53.0288 3020 TrkWks - ok
19:05:53.0323 3020 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:05:53.0327 3020 TrustedInstaller - ok
19:05:53.0347 3020 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:05:53.0349 3020 tssecsrv - ok
19:05:53.0379 3020 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:05:53.0380 3020 TsUsbFlt - ok
19:05:53.0391 3020 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
19:05:53.0392 3020 TsUsbGD - ok
19:05:53.0432 3020 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:05:53.0434 3020 tunnel - ok
19:05:53.0446 3020 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
19:05:53.0448 3020 uagp35 - ok
19:05:53.0466 3020 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:05:53.0470 3020 udfs - ok
19:05:53.0491 3020 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:05:53.0493 3020 UI0Detect - ok
19:05:53.0525 3020 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:05:53.0527 3020 uliagpkx - ok
19:05:53.0553 3020 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:05:53.0555 3020 umbus - ok
19:05:53.0580 3020 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
19:05:53.0582 3020 UmPass - ok
19:05:53.0601 3020 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
19:05:53.0607 3020 upnphost - ok
19:05:53.0683 3020 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
19:05:53.0689 3020 usbaudio - ok
19:05:53.0753 3020 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:05:53.0760 3020 usbccgp - ok
19:05:53.0858 3020 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:05:53.0864 3020 usbcir - ok
19:05:53.0943 3020 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:05:53.0946 3020 usbehci - ok
19:05:53.0997 3020 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:05:54.0003 3020 usbhub - ok
19:05:54.0022 3020 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
19:05:54.0023 3020 usbohci - ok
19:05:54.0041 3020 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:05:54.0041 3020 usbprint - ok
19:05:54.0094 3020 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:05:54.0096 3020 usbscan - ok
19:05:54.0139 3020 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
19:05:54.0142 3020 USBSTOR - ok
19:05:54.0193 3020 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
19:05:54.0208 3020 usbuhci - ok
19:05:54.0230 3020 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
19:05:54.0234 3020 UxSms - ok
19:05:54.0250 3020 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
19:05:54.0251 3020 VaultSvc - ok
19:05:54.0283 3020 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:05:54.0284 3020 vdrvroot - ok
19:05:54.0316 3020 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
19:05:54.0322 3020 vds - ok
19:05:54.0349 3020 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:05:54.0350 3020 vga - ok
19:05:54.0361 3020 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
19:05:54.0362 3020 VgaSave - ok
19:05:54.0372 3020 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:05:54.0375 3020 vhdmp - ok
19:05:54.0458 3020 [ 906A7C6B6659A650648CF21998270945 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
19:05:54.0474 3020 VIAHdAudAddService - ok
19:05:54.0488 3020 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
19:05:54.0489 3020 viaide - ok
19:05:54.0519 3020 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:05:54.0520 3020 volmgr - ok
19:05:54.0536 3020 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:05:54.0540 3020 volmgrx - ok
19:05:54.0559 3020 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:05:54.0564 3020 volsnap - ok
19:05:54.0591 3020 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
19:05:54.0593 3020 vsmraid - ok
19:05:54.0649 3020 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
19:05:54.0668 3020 VSS - ok
19:05:54.0683 3020 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
19:05:54.0684 3020 vwifibus - ok
19:05:54.0692 3020 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
19:05:54.0693 3020 vwififlt - ok
19:05:54.0724 3020 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
19:05:54.0728 3020 W32Time - ok
19:05:54.0761 3020 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
19:05:54.0762 3020 WacomPen - ok
19:05:54.0783 3020 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:05:54.0784 3020 WANARP - ok
19:05:54.0788 3020 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:05:54.0789 3020 Wanarpv6 - ok
19:05:54.0850 3020 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
19:05:54.0866 3020 WatAdminSvc - ok
19:05:54.0931 3020 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
19:05:54.0954 3020 wbengine - ok
19:05:54.0968 3020 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:05:54.0972 3020 WbioSrvc - ok
19:05:54.0987 3020 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:05:54.0991 3020 wcncsvc - ok
19:05:55.0008 3020 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:05:55.0010 3020 WcsPlugInService - ok
19:05:55.0032 3020 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
19:05:55.0033 3020 Wd - ok
19:05:55.0053 3020 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:05:55.0059 3020 Wdf01000 - ok
19:05:55.0088 3020 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:05:55.0090 3020 WdiServiceHost - ok
19:05:55.0094 3020 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:05:55.0098 3020 WdiSystemHost - ok
19:05:55.0121 3020 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
19:05:55.0127 3020 WebClient - ok
19:05:55.0141 3020 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:05:55.0146 3020 Wecsvc - ok
19:05:55.0161 3020 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:05:55.0164 3020 wercplsupport - ok
19:05:55.0190 3020 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
19:05:55.0192 3020 WerSvc - ok
19:05:55.0214 3020 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:05:55.0215 3020 WfpLwf - ok
19:05:55.0233 3020 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:05:55.0234 3020 WIMMount - ok
19:05:55.0242 3020 WinHttpAutoProxySvc - ok
19:05:55.0278 3020 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:05:55.0280 3020 Winmgmt - ok
19:05:55.0322 3020 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
19:05:55.0341 3020 WinRM - ok
19:05:55.0404 3020 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
19:05:55.0407 3020 WinUsb - ok
19:05:55.0450 3020 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
19:05:55.0463 3020 Wlansvc - ok
19:05:55.0486 3020 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:05:55.0487 3020 WmiAcpi - ok
19:05:55.0531 3020 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:05:55.0534 3020 wmiApSrv - ok
19:05:55.0569 3020 WMPNetworkSvc - ok
19:05:55.0596 3020 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:05:55.0598 3020 WPCSvc - ok
19:05:55.0612 3020 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:05:55.0615 3020 WPDBusEnum - ok
19:05:55.0645 3020 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:05:55.0646 3020 ws2ifsl - ok
19:05:55.0652 3020 WSearch - ok
19:05:55.0684 3020 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:05:55.0688 3020 WudfPf - ok
19:05:55.0724 3020 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:05:55.0727 3020 WUDFRd - ok
19:05:55.0748 3020 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:05:55.0750 3020 wudfsvc - ok
19:05:55.0764 3020 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
19:05:55.0768 3020 WwanSvc - ok
19:05:55.0825 3020 [ 2EE48CFCE7CA8E0DB4C44C7476C0943B ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
19:05:55.0828 3020 xusb21 - ok
19:05:55.0851 3020 ================ Scan global ===============================
19:05:55.0874 3020 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:05:55.0921 3020 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
19:05:55.0938 3020 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
19:05:55.0965 3020 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:05:56.0015 3020 [ 50BEA589F7D7958BDD2528A8F69D05CC ] C:\Windows\system32\services.exe
19:05:56.0028 3020 [Global] - ok
19:05:56.0029 3020 ================ Scan MBR ==================================
19:05:56.0040 3020 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:05:56.0499 3020 \Device\Harddisk0\DR0 - ok
19:05:56.0500 3020 ================ Scan VBR ==================================
19:05:56.0501 3020 [ 7764A8FBF9A2AA79AA18303142946DB0 ] \Device\Harddisk0\DR0\Partition1
19:05:56.0504 3020 \Device\Harddisk0\DR0\Partition1 - ok
19:05:56.0544 3020 [ 9E027B3FBE9F7BC9DAD423A496A4EDDD ] \Device\Harddisk0\DR0\Partition2
19:05:56.0547 3020 \Device\Harddisk0\DR0\Partition2 - ok
19:05:56.0548 3020 ============================================================
19:05:56.0548 3020 Scan finished
19:05:56.0549 3020 ============================================================
19:05:56.0588 2324 Detected object count: 0
19:05:56.0588 2324 Actual detected object count: 0
19:36:25.0594 2968 Deinitialize success

#4 captainmeow

Posted 30 August 2012 - 03:08 PM

asw log:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-30 19:06:13
-----------------------------
19:06:13.937 OS Version: Windows x64 6.1.7601 Service Pack 1
19:06:13.937 Number of processors: 4 586 0x503
19:06:13.938 ComputerName: VIBOX-PC UserName: VIBOX
19:06:16.227 Initialize success
19:11:40.910 AVAST engine defs: 12083000
19:12:16.920 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005e
19:12:16.926 Disk 0 Vendor: Hitachi_ JC4O Size: 953869MB BusType: 3
19:12:16.941 Disk 0 MBR read successfully
19:12:16.947 Disk 0 MBR scan
19:12:16.956 Disk 0 Windows 7 default MBR code
19:12:16.969 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
19:12:16.993 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 953767 MB offset 206848
19:12:17.039 Disk 0 scanning C:\Windows\system32\drivers
19:12:25.541 Service scanning
19:12:56.952 Modules scanning
19:12:56.959 Disk 0 trace - called modules:
19:12:56.982 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll nvstor64.sys
19:12:56.987 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800472f060]
19:12:57.336 3 CLASSPNP.SYS[fffff8800165143f] -> nt!IofCallDriver -> [0xfffffa80044cdc90]
19:12:57.348 5 ACPI.sys[fffff88000eb47a1] -> nt!IofCallDriver -> \Device\0000005e[0xfffffa8004196150]
19:12:59.739 AVAST engine scan C:\Windows
19:13:04.508 AVAST engine scan C:\Windows\system32
19:14:24.089 File: C:\Windows\system32\services.exe **INFECTED** Win32:Sirefef-ZT [Trj]
19:14:54.903 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
19:14:57.368 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
19:16:05.810 AVAST engine scan C:\Windows\system32\drivers
19:16:17.852 AVAST engine scan C:\Users\VIBOX
19:24:22.846 File: C:\Users\VIBOX\AppData\Local\Temp\13B1.tmp **INFECTED** Win32:MalOb-HD [Cryp]
19:24:29.125 File: C:\Users\VIBOX\AppData\Local\Temp\FB47.tmp **INFECTED** Win32:MalOb-HD [Cryp]
19:25:34.276 File: C:\Users\VIBOX\AppData\Local\Temp\weraosmxcn.exe **INFECTED** Win32:Kryptik-JUZ [Trj]
19:33:05.335 AVAST engine scan C:\ProgramData
19:34:18.436 Scan finished successfully
19:36:12.800 Disk 0 MBR has been saved successfully to "C:\Users\VIBOX\Documents\MBR.dat"
19:36:12.818 The log file has been saved successfully to "C:\Users\VIBOX\Documents\aswMBR.txt"

#5 captainmeow

Posted 30 August 2012 - 03:10 PM

ESET log:

C:\Users\VIBOX\AppData\Local\Temp\13B1.tmp Win32/Theola.A trojan cleaned by deleting - quarantined
C:\Users\VIBOX\AppData\Local\Temp\FB47.tmp a variant of Win32/Kryptik.VHM trojan cleaned by deleting - quarantined
C:\Users\VIBOX\AppData\Local\Temp\weraosmxcn.exe a variant of Win32/Kryptik.ALBY trojan cleaned by deleting - quarantined
C:\Windows\Installer\{97b10fda-41d8-2791-8e2e-63bad9d86ad6}\U\00000008.@ Win64/Agent.BA trojan cleaned by deleting - quarantined
C:\Windows\Installer\{97b10fda-41d8-2791-8e2e-63bad9d86ad6}\U\000000cb.@ Win64/Conedex.B trojan cleaned by deleting - quarantined
C:\Windows\Installer\{97b10fda-41d8-2791-8e2e-63bad9d86ad6}\U\80000000.@ Win64/Sirefef.AP trojan cleaned by deleting - quarantined
C:\Windows\Installer\{97b10fda-41d8-2791-8e2e-63bad9d86ad6}\U\80000032.@ a variant of Win32/Sirefef.FD trojan cleaned by deleting - quarantined
C:\Windows\Installer\{97b10fda-41d8-2791-8e2e-63bad9d86ad6}\U\80000064.@ Win64/Sirefef.AN trojan cleaned by deleting - quarantined
Operating memory a variant of Win32/Sirefef.EZ trojan
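
Cross-referencing the aswMBR and ESET logs posted above shows which detections the ESET cleanup did not touch. This is an added example, not part of the original thread or of either scanner: the regexes are inferred only from the log lines posted here, and the function names and the repair/quarantine rule are assumptions for illustration.

```python
import re
from typing import List, NamedTuple, Optional, Tuple

# Lines copied from the aswMBR and ESET logs posted in this thread.
ASWMBR_LOG = r"""
19:13:04.508 AVAST engine scan C:\Windows\system32
19:14:24.089 File: C:\Windows\system32\services.exe **INFECTED** Win32:Sirefef-ZT [Trj]
19:14:54.903 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
19:14:57.368 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
19:24:22.846 File: C:\Users\VIBOX\AppData\Local\Temp\13B1.tmp **INFECTED** Win32:MalOb-HD [Cryp]
19:24:29.125 File: C:\Users\VIBOX\AppData\Local\Temp\FB47.tmp **INFECTED** Win32:MalOb-HD [Cryp]
19:25:34.276 File: C:\Users\VIBOX\AppData\Local\Temp\weraosmxcn.exe **INFECTED** Win32:Kryptik-JUZ [Trj]
19:34:18.436 Scan finished successfully
"""

ESET_LOG = r"""
C:\Users\VIBOX\AppData\Local\Temp\13B1.tmp Win32/Theola.A trojan cleaned by deleting - quarantined
C:\Users\VIBOX\AppData\Local\Temp\FB47.tmp a variant of Win32/Kryptik.VHM trojan cleaned by deleting - quarantined
C:\Users\VIBOX\AppData\Local\Temp\weraosmxcn.exe a variant of Win32/Kryptik.ALBY trojan cleaned by deleting - quarantined
C:\Windows\Installer\{97b10fda-41d8-2791-8e2e-63bad9d86ad6}\U\00000008.@ Win64/Agent.BA trojan cleaned by deleting - quarantined
C:\Windows\Installer\{97b10fda-41d8-2791-8e2e-63bad9d86ad6}\U\000000cb.@ Win64/Conedex.B trojan cleaned by deleting - quarantined
C:\Windows\Installer\{97b10fda-41d8-2791-8e2e-63bad9d86ad6}\U\80000000.@ Win64/Sirefef.AP trojan cleaned by deleting - quarantined
C:\Windows\Installer\{97b10fda-41d8-2791-8e2e-63bad9d86ad6}\U\80000032.@ a variant of Win32/Sirefef.FD trojan cleaned by deleting - quarantined
C:\Windows\Installer\{97b10fda-41d8-2791-8e2e-63bad9d86ad6}\U\80000064.@ Win64/Sirefef.AN trojan cleaned by deleting - quarantined
Operating memory a variant of Win32/Sirefef.EZ trojan
"""


class Detection(NamedTuple):
    scanner: str
    target: str            # file path, or "Operating memory"
    name: str              # the scanner's own detection name
    action: Optional[str]  # None when the log records no cleanup


# "<time> File: <path> **INFECTED** <name> [<type>]"
ASW_RE = re.compile(
    r"^\d{2}:\d{2}:\d{2}\.\d{3}\s+File:\s+(?P<target>.+?)"
    r"\s+\*\*INFECTED\*\*\s+(?P<name>\S+)\s+\[\w+\]$"
)
# "<object> [a variant of ]<Win32|Win64>/<name> <type>[ cleaned ...]"
ESET_RE = re.compile(
    r"^(?P<target>.+?)\s+(?:a variant of\s+)?(?P<name>Win(?:32|64)/\S+)"
    r"\s+\w+(?:\s+(?P<action>cleaned\b.*))?$"
)


def parse_aswmbr(text: str) -> List[Detection]:
    found = []
    for line in text.splitlines():
        m = ASW_RE.match(line.strip())
        if m:  # progress lines such as "Scan finished" do not match
            found.append(Detection("aswMBR", m["target"], m["name"], None))
    return found


def parse_eset(text: str) -> List[Detection]:
    found = []
    for line in text.splitlines():
        m = ESET_RE.match(line.strip())
        if m:
            found.append(Detection("ESET", m["target"], m["name"], m["action"]))
    return found


def unresolved(asw: List[Detection], eset: List[Detection]) -> List[Detection]:
    """aswMBR hits ESET never cleaned, plus ESET hits with no recorded action."""
    cleaned = {d.target.lower() for d in eset if d.action}
    left = [d for d in asw if d.target.lower() not in cleaned]
    left += [d for d in eset if d.action is None]
    return left


def recommend(d: Detection) -> str:
    """Assumed triage rule: never delete an OS binary, replace it instead."""
    target = d.target.lower()
    if not re.match(r"^[a-z]:\\", target):
        return "memory-resident: rescan after reboot"
    if target.startswith("c:\\windows\\system32\\") and \
            target.endswith((".exe", ".dll", ".sys")):
        return "system binary: repair from a known-good copy"
    return "quarantine"


def triage(asw_text: str, eset_text: str) -> List[Tuple[str, str, str]]:
    rows = unresolved(parse_aswmbr(asw_text), parse_eset(eset_text))
    return [(d.target, d.name, recommend(d)) for d in rows]


if __name__ == "__main__":
    for target, name, advice in triage(ASWMBR_LOG, ESET_LOG):
        print(f"{target}\n    {name} -> {advice}")
```

On these two logs the residue is services.exe, the two GAC Desktop.ini files and the in-memory Sirefef detection; services.exe is the one item that has to be replaced rather than deleted.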

#6 narenxp

Posted 30 August 2012 - 03:59 PM

Click on the Start menu and type

cmd

Right-click on it, select Run as administrator, and run this command:

sfc /scanfile=c:\windows\system32\services.exe

After the scan, restart the PC.

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on Show Results. Select all infections and remove them.

Reboot the PC and scan with MBAM once in regular mode until you get a clean log.

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete.

Post the generated log.

#7 captainmeow

Posted 30 August 2012 - 05:50 PM

minitoolbox log:

MiniToolBox by Farbar Version: 23-07-2012
Ran by VIBOX (administrator) on 30-08-2012 at 23:47:48
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

NVIDIA nForce 10/100 Mbps Ethernet = Local Area Connection (Connecting)
Ralink RT61 Turbo Wireless LAN Card = Wireless Network Connection (Connected)
Hamachi Network Interface = Hamachi (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="Hamachi" nexthop=5.0.0.1 publish=Yes
set interface interface="Hamachi" forwarding=disabled advertise=disabled metric=9000 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : VIBOX-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home
event.multiplay.co.uk

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Ralink RT61 Turbo Wireless LAN Card
Physical Address. . . . . . . . . : C8-3A-35-C5-B8-24
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::78be:544a:e115:2350%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 30 August 2012 23:39:08
Lease Expires . . . . . . . . . . : 31 August 2012 23:39:12
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 315111989
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-E0-9F-3E-00-25-22-C3-48-F8
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : event.multiplay.co.uk
Description . . . . . . . . . . . : NVIDIA nForce 10/100 Mbps Ethernet
Physical Address. . . . . . . . . : 00-25-22-C3-48-F8
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::68c2:c441:8e7e:c3bb%11(Deprecated)
Autoconfiguration IPv4 Address. . : 169.254.195.187(Tentative)
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 82.12.16.3
82.12.16.4
Primary WINS Server . . . . . . . : 82.12.16.3
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Hamachi:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Hamachi Network Interface
Physical Address. . . . . . . . . : 7A-79-05-49-A0-5F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2620:9b::549:a05f(Preferred)
Link-local IPv6 Address . . . . . : fe80::7c45:c71:5c58:980b%15(Preferred)
IPv4 Address. . . . . . . . . . . : 5.73.160.95(Preferred)
Subnet Mask . . . . . . . . . . . : 255.0.0.0
Lease Obtained. . . . . . . . . . : 30 August 2012 23:39:06
Lease Expires . . . . . . . . . . : 30 August 2013 23:41:13
Default Gateway . . . . . . . . . : 5.0.0.1
DHCP Server . . . . . . . . . . . : 5.0.0.1
DHCPv6 IAID . . . . . . . . . . . : 461011415
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-E0-9F-3E-00-25-22-C3-48-F8
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.home:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{F4693B0F-571F-43F9-A9B4-CFD607D7A6F3}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: voyager.home
Address: 192.168.1.1

Name: google.com
Addresses: 2a00:1450:4009:805::1003
173.194.34.168
173.194.34.169
173.194.34.161
173.194.34.165
173.194.34.160
173.194.34.163
173.194.34.162
173.194.34.166
173.194.34.164
173.194.34.174
173.194.34.167


Pinging google.com [173.194.34.168] with 32 bytes of data:
Reply from 173.194.34.168: bytes=32 time=36ms TTL=52
Reply from 173.194.34.168: bytes=32 time=37ms TTL=52

Ping statistics for 173.194.34.168:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 36ms, Maximum = 37ms, Average = 36ms
Server: voyager.home
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=171ms TTL=45
Reply from 98.139.183.24: bytes=32 time=156ms TTL=44

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 156ms, Maximum = 171ms, Average = 163ms
Server: voyager.home
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...c8 3a 35 c5 b8 24 ......Ralink RT61 Turbo Wireless LAN Card
11...00 25 22 c3 48 f8 ......NVIDIA nForce 10/100 Mbps Ethernet
15...7a 79 05 49 a0 5f ......Hamachi Network Interface
1...........................Software Loopback Interface 1
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 5.0.0.1 5.73.160.95 9256
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.2 30
5.0.0.0 255.0.0.0 On-link 5.73.160.95 9256
5.73.160.95 255.255.255.255 On-link 5.73.160.95 9256
5.255.255.255 255.255.255.255 On-link 5.73.160.95 9256
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.2 286
192.168.1.2 255.255.255.255 On-link 192.168.1.2 286
192.168.1.255 255.255.255.255 On-link 192.168.1.2 286
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 5.73.160.95 9256
224.0.0.0 240.0.0.0 On-link 192.168.1.2 286
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 5.73.160.95 9256
255.255.255.255 255.255.255.255 On-link 192.168.1.2 286
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
0.0.0.0 0.0.0.0 5.0.0.1 Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
15 276 2620:9b::/96 On-link
15 276 2620:9b::549:a05f/128 On-link
15 276 fe80::/64 On-link
12 286 fe80::/64 On-link
12 286 fe80::78be:544a:e115:2350/128
On-link
15 276 fe80::7c45:c71:5c58:980b/128
On-link
1 306 ff00::/8 On-link
15 276 ff00::/8 On-link
12 286 ff00::/8 On-link
===========================================================================
Persistent Routes:
If Metric Network Destination Gateway
0 4294967295 2620:9b::/96 On-link
===========================================================================
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 mswsock.dll [File Not found] ()
x64-Catalog9 02 mswsock.dll [File Not found] ()
x64-Catalog9 03 mswsock.dll [File Not found] ()
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 mswsock.dll [File Not found] ()
x64-Catalog9 09 mswsock.dll [File Not found] ()
x64-Catalog9 10 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/30/2012 11:40:53 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/30/2012 10:14:44 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/30/2012 10:03:49 PM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 15.0.0.4619 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 12b8

Start Time: 01cd86ef78d4b126

Termination Time: 37

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: 30103bf8-f2e6-11e1-8a0e-002522c348f8

Error: (08/30/2012 07:37:33 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/30/2012 07:37:31 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/30/2012 07:37:31 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/30/2012 07:36:45 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/30/2012 07:36:35 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/30/2012 07:36:35 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/30/2012 07:04:11 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (08/30/2012 11:39:35 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (08/30/2012 11:39:35 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (08/30/2012 11:39:24 PM) (Source: Service Control Manager) (User: )
Description: The AODDriver4.1 service failed to start due to the following error:
%%2

Error: (08/30/2012 11:39:11 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (08/30/2012 11:39:08 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (08/30/2012 11:39:08 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (08/30/2012 11:39:08 PM) (Source: Service Control Manager) (User: )
Description: The AODDriver4.1 service failed to start due to the following error:
%%2

Error: (08/30/2012 10:13:34 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (08/30/2012 10:13:34 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (08/30/2012 10:13:24 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060


Microsoft Office Sessions:
=========================
Error: (08/30/2012 11:40:53 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/30/2012 10:14:44 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/30/2012 10:03:49 PM) (Source: Application Hang)(User: )
Description: firefox.exe15.0.0.461912b801cd86ef78d4b12637C:\Program Files (x86)\Mozilla Firefox\firefox.exe30103bf8-f2e6-11e1-8a0e-002522c348f8

Error: (08/30/2012 07:37:33 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\VIBOX\Downloads\esetsmartinstaller_enu.exe

Error: (08/30/2012 07:37:31 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\VIBOX\Downloads\esetsmartinstaller_enu.exe

Error: (08/30/2012 07:37:31 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\VIBOX\Downloads\esetsmartinstaller_enu.exe

Error: (08/30/2012 07:36:45 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\VIBOX\Downloads\esetsmartinstaller_enu.exe

Error: (08/30/2012 07:36:35 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\VIBOX\Downloads\esetsmartinstaller_enu.exe

Error: (08/30/2012 07:36:35 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\VIBOX\Downloads\esetsmartinstaller_enu.exe

Error: (08/30/2012 07:04:11 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\VIBOX\Downloads\esetsmartinstaller_enu.exe


=========================== Installed Programs ============================

Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
Adobe AIR (Version: 1.0.4990)
Adobe AIR (Version: 1.0.8.4990)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.271)
Adobe Flash Player 11 Plugin (Version: 11.3.300.271)
Adobe Reader 9.5.2 (Version: 9.5.2)
AMD Accelerated Video Transcoding (Version: 2.00.0002)
AMD APP SDK Runtime (Version: 10.0.938.2)
AMD Catalyst Install Manager (Version: 8.0.881.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2012.0806.1213.19931)
AMD Media Foundation Decoders (Version: 1.0.70727.2220)
AMD Steady Video Plug-In (Version: 2.04.0000)
AMD VISION Engine Control Center (Version: 2012.0806.1213.19931)
APB Reloaded
ARMA 2
ARMA 2: Operation Arrowhead
ASRock App Charger v1.0.4
ASRock IES v2.0.80
ASRock InstantBoot v1.24
ASRock OC Tuner v2.3.87
ATI AVIVO64 Codecs (Version: 10.11.0.41110)
ATI Problem Report Wizard (Version: 3.0.750.0)
Audacity 1.3.13 (Unicode)
BattlEye Uninstall
Borderlands
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2012.0806.1213.19931)
Catalyst Control Center InstallProxy (Version: 2012.0806.1213.19931)
Catalyst Control Center Localization All (Version: 2012.0806.1213.19931)
ccc-utility64 (Version: 2012.0806.1213.19931)
CCC Help Chinese Standard (Version: 2012.0806.1212.19931)
CCC Help Chinese Traditional (Version: 2012.0806.1212.19931)
CCC Help Czech (Version: 2012.0806.1212.19931)
CCC Help Danish (Version: 2012.0806.1212.19931)
CCC Help Dutch (Version: 2012.0806.1212.19931)
CCC Help English (Version: 2012.0806.1212.19931)
CCC Help Finnish (Version: 2012.0806.1212.19931)
CCC Help French (Version: 2012.0806.1212.19931)
CCC Help German (Version: 2012.0806.1212.19931)
CCC Help Greek (Version: 2012.0806.1212.19931)
CCC Help Hungarian (Version: 2012.0806.1212.19931)
CCC Help Italian (Version: 2012.0806.1212.19931)
CCC Help Japanese (Version: 2012.0806.1212.19931)
CCC Help Korean (Version: 2012.0806.1212.19931)
CCC Help Norwegian (Version: 2012.0806.1212.19931)
CCC Help Polish (Version: 2012.0806.1212.19931)
CCC Help Portuguese (Version: 2012.0806.1212.19931)
CCC Help Russian (Version: 2012.0806.1212.19931)
CCC Help Spanish (Version: 2012.0806.1212.19931)
CCC Help Swedish (Version: 2012.0806.1212.19931)
CCC Help Thai (Version: 2012.0806.1212.19931)
CCC Help Turkish (Version: 2012.0806.1212.19931)
Command & Conquer Generals (Version: 0.50.0000)
Command and ConquerTM Generals Zero Hour (Version: 1.00.0000)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Counter-Strike: Source
ESET Online Scanner v3
Fallout (Version: 1.0)
Fallout 2 Unofficial Patch 1.02.27.3
Fallout 3 - Game of the Year Edition
Fallout2
Fraps (remove only)
Garry's Mod
Google Earth (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.115)
Grand Theft Auto III
Grand Theft Auto IV
Grand Theft Auto: Episodes from Liberty City
Grand Theft Auto: San Andreas
Grand Theft Auto: Vice City
Hi-Rez Studios Authenticate and Update Service (Version: 3.0.0.0)
HydraVision (Version: 4.2.116.0)
Java Auto Updater (Version: 2.1.6.0)
Java™ 6 Update 27 (64-bit) (Version: 6.0.270)
Java™ 7 Update 5 (Version: 7.0.50)
JavaFX 2.1.1 (Version: 2.1.1)
Killing Floor
LAME v3.98.3 for Audacity
Left 4 Dead
Left 4 Dead 2
LogMeIn Hamachi (Version: 2.1.0.215)
Magicka
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Games for Windows - LIVE Redistributable (Version: 2.0.672.0)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 9.7.0621)
Microsoft XNA Framework Redistributable 3.1 (Version: 3.1.10527.0)
Microsoft XNA Framework Redistributable 4.0 (Version: 4.0.20823.0)
Mirek's Cellebration 4.20
Mozilla Firefox 15.0 (x86 en-GB) (Version: 15.0)
Mozilla Maintenance Service (Version: 15.0)
Mumble 1.2.3 (Version: 1.2.3)
NVIDIA Drivers (Version: 1.5)
NVIDIA PhysX (Version: 9.10.0129)
Platform (Version: 1.34)
Portal 2
Portal 2 Authoring Tools - Beta
Project64 1.6 (Version: 1.6)
PunkBuster Services (Version: 0.993)
Quake 4
RuneScape Launcher 1.2 (Version: 1.2.0)
Shockwave
SimCity 4
Skype™ 5.10 (Version: 5.10.116)
Sound Blaster X-Fi MB (Version: 1.0)
Source SDK
Speccy (Version: 1.17)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
Steam (Version: 1.0.0.0)
Super Meat Boy
System Requirements Lab CYRI (Version: 4.5.1.0)
TeamSpeak 3 Client
Tenda Wireless LAN Card (Version: 1.0.0.0)
Terrafirma (Version: 1.9.8)
Terraria
The Binding Of Isaac
TrackMania Nations Forever
Tribes Ascend (Version: 1.0.942.1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
VIA Platform Device Manager (Version: 1.34)
VLC media player 2.0.3 (Version: 2.0.3)
WinRAR 4.01 (64-bit) (Version: 4.01.0)
XFastUsb
Zero Hour Reborn The Last Stand (Version: 1.0.0)

========================= Memory info: ===================================

Percentage of memory in use: 32%
Total physical RAM: 4095.3 MB
Available physical RAM: 2771.53 MB
Total Pagefile: 8188.8 MB
Available Pagefile: 6554.05 MB
Total Virtual: 4095.88 MB
Available Virtual: 3961.09 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:931.41 GB) (Free:705.31 GB) NTFS
2 Drive d: (SIMCITY4) (CDROM) (Total:0.54 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\VIBOX-PC

Administrator Guest VIBOX


**** End of log ****

#8 captainmeow

Posted 30 August 2012 - 05:52 PM

FSS log:

Farbar Service Scanner Version: 06-08-2012
Ran by VIBOX (administrator) on 30-08-2012 at 23:51:01
Running from "C:\Users\VIBOX\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to open SharedAccess registry key. The service key does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#9 captainmeow

Posted 30 August 2012 - 06:02 PM

AdwCleaner log:

# AdwCleaner v2.000 - Logfile created 08/30/2012 at 23:52:59
# Updated 30/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : VIBOX - VIBOX-PC
# Boot Mode : Normal
# Running from : C:\Users\VIBOX\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\ProgramData\InstallMate

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Mozilla Firefox v15.0 (en-GB)

Profile name : default
File : C:\Users\VIBOX\AppData\Roaming\Mozilla\Firefox\Profiles\g5ohpwbz.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [2200 octets] - [30/08/2012 23:52:59]

########## EOF - C:\AdwCleaner[S1].txt - [2260 octets] ##########

#10 narenxp

Posted 30 August 2012 - 09:01 PM

Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Post the new FSS log

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.

#11 captainmeow

Posted 31 August 2012 - 08:18 AM

new FSS log:

Farbar Service Scanner Version: 06-08-2012
Ran by VIBOX (administrator) on 31-08-2012 at 14:17:43
Running from "C:\Users\VIBOX\Documents\Other Programs\anti-malware"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#12 captainmeow

Posted 31 August 2012 - 08:19 AM

rkill log

Rkill 2.3.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 08/31/2012 02:18:36 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* C:\Users\VIBOX\AppData\Local\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001 (PID: 2108) [UP-HEUR]

1 proccess terminated!

Checking Registry for malware related settings.

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks.
* C:\Windows\assembly\GAC_32\Desktop.ini [ZA File]
* C:\Windows\assembly\GAC_64\Desktop.ini [ZA File]

Checking Windows Service Integrity:

* AppMgmt [Missing Service]
* CscService [Missing Service]
* PeerDistSvc [Missing Service]
* UmRdpService [Missing Service]

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 08/31/2012 02:18:50 PM
Execution time: 0 hours(s), 0 minute(s), and 14 seconds(s)

#13 narenxp

Posted 31 August 2012 - 08:22 AM

.

Edited by narenxp, 31 August 2012 - 08:37 AM.


#14 captainmeow

Posted 31 August 2012 - 08:28 AM

new rkill log:

Rkill 2.3.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 08/31/2012 02:27:39 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* No malware processes found to kill.

Checking Registry for malware related settings.

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks.
* No issues found.

Checking Windows Service Integrity:

* AppMgmt [Missing Service]
* CscService [Missing Service]
* PeerDistSvc [Missing Service]
* UmRdpService [Missing Service]

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 08/31/2012 02:27:43 PM
Execution time: 0 hours(s), 0 minute(s), and 4 seconds(s)

#15 narenxp

Posted 31 August 2012 - 08:37 AM

That looks good

Download

TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot. If TFC locks up the system, run it in safe mode.

Turn off your System Restore, restart the PC, and create a new restore point.

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your Flash Player.

Update your antivirus frequently, and do not click on suspicious links.

Safe surfing :)



